From: Phillip Hallam-Baker <hallam@ai.mit.edu>
Date: Fri, 3 Oct 1997 10:53:15 +0800
To: "'Attila T. Hun'" <cypherpunks@cyberpass.net>
Subject: RE: counter-intuitive -- spam is good for you.  anonymous assholes are your friend
Message-ID: <01BCCF84.84FC2100.hallam@ai.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain





On Thursday, October 02, 1997 11:54 AM, Attila T. Hun [SMTP:attila@hun.org] wrote:
>     if Phill is secure, what difference does it make if you assault
>     him?  my guess is he is not secure, and probably has no clue how
>     to get from there to secure.

Because when you ring the alarm bell on my system
it is answered by law enforcement and it costs about 
$10,000 a time to deal with the issue.

Setting off fire alarms costs real money. 


Incidentally the security line you are pushing is a crock.
To get real security I believe you have to have feedback
and monitoring. This is especially important in an institutional
setting where you may not have complete control of critical
infrastructure. For my application simply hoping the guys 
with the white hats find security holes before those in the 
black ones do is simply not enough.

In any case I'm not as complacent as Attila seems to think
the security model has been amply reviewed by the best
in the field.

Threatening to catch the malefactor and put him behind bars
is a valuable additional security tool. The more bad guys
there are behind bars the less time I have to spend worrying.

		Phill